File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1145/3576915.3616610
- Scopus: eid_2-s2.0-85179852147
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Hopper: Interpretative Fuzzing for Libraries
Title | Hopper: Interpretative Fuzzing for Libraries |
---|---|
Authors | |
Keywords | Automated Test Generation Code Synthesis Fuzzing Interpreter Vulnerability Detection |
Issue Date | 2023 |
Citation | CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023, p. 1600-1614 How to Cite? |
Abstract | Despite the fact that the state-of-the-art fuzzers can generate inputs efficiently, existing fuzz drivers still cannot adequately cover entries in libraries. Most of these fuzz drivers are crafted manually by developers, and their quality depends on the developers' understanding of the code. Existing works have attempted to automate the generation of fuzz drivers by learning API usage from code and execution traces. However, the generated fuzz drivers are limited to a few specific call sequences by the code being learned. To address these challenges, we present Hopper, which can fuzz libraries without requiring any domain knowledge to craft fuzz drivers. It transforms the problem of library fuzzing into the problem of interpreter fuzzing. The interpreters linked against libraries under test can interpret the inputs that describe arbitrary API usage. To generate semantically correct inputs for the interpreter, Hopper learns the intra- and inter-API constraints in the libraries and mutates the program with grammar awareness. We implemented Hopper and evaluated its effectiveness on 11 real-world libraries against manually crafted fuzzers and other automatic solutions. Our results show that Hopper greatly outperformed the other fuzzers in both code coverage and bug finding, having uncovered 25 previously unknown bugs that other fuzzers couldn't. Moreover, we have demonstrated that the proposed intra- and inter-API constraint learning methods can correctly learn constraints implied by the library and, therefore, significantly improve the fuzzing efficiency. The experiment results indicate that Hopper is able to explore a vast range of API usages for library fuzzing out of the box. |
Persistent Identifier | http://hdl.handle.net/10722/347087 |
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Chen, Peng | - |
dc.contributor.author | Xie, Yuxuan | - |
dc.contributor.author | Lyu, Yunlong | - |
dc.contributor.author | Wang, Yuxiao | - |
dc.contributor.author | Chen, Hao | - |
dc.date.accessioned | 2024-09-17T04:15:17Z | - |
dc.date.available | 2024-09-17T04:15:17Z | - |
dc.date.issued | 2023 | - |
dc.identifier.citation | CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023, p. 1600-1614 | - |
dc.identifier.uri | http://hdl.handle.net/10722/347087 | - |
dc.description.abstract | Despite the fact that the state-of-the-art fuzzers can generate inputs efficiently, existing fuzz drivers still cannot adequately cover entries in libraries. Most of these fuzz drivers are crafted manually by developers, and their quality depends on the developers' understanding of the code. Existing works have attempted to automate the generation of fuzz drivers by learning API usage from code and execution traces. However, the generated fuzz drivers are limited to a few specific call sequences by the code being learned. To address these challenges, we present Hopper, which can fuzz libraries without requiring any domain knowledge to craft fuzz drivers. It transforms the problem of library fuzzing into the problem of interpreter fuzzing. The interpreters linked against libraries under test can interpret the inputs that describe arbitrary API usage. To generate semantically correct inputs for the interpreter, Hopper learns the intra- and inter-API constraints in the libraries and mutates the program with grammar awareness. We implemented Hopper and evaluated its effectiveness on 11 real-world libraries against manually crafted fuzzers and other automatic solutions. Our results show that Hopper greatly outperformed the other fuzzers in both code coverage and bug finding, having uncovered 25 previously unknown bugs that other fuzzers couldn't. Moreover, we have demonstrated that the proposed intra- and inter-API constraint learning methods can correctly learn constraints implied by the library and, therefore, significantly improve the fuzzing efficiency. The experiment results indicate that Hopper is able to explore a vast range of API usages for library fuzzing out of the box. | - |
dc.language | eng | - |
dc.relation.ispartof | CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security | - |
dc.subject | Automated Test Generation | - |
dc.subject | Code Synthesis | - |
dc.subject | Fuzzing | - |
dc.subject | Interpreter | - |
dc.subject | Vulnerability Detection | - |
dc.title | Hopper: Interpretative Fuzzing for Libraries | - |
dc.type | Conference_Paper | - |
dc.description.nature | link_to_subscribed_fulltext | - |
dc.identifier.doi | 10.1145/3576915.3616610 | - |
dc.identifier.scopus | eid_2-s2.0-85179852147 | - |
dc.identifier.spage | 1600 | - |
dc.identifier.epage | 1614 | - |